Over the past few decades, the power of computing devices has progressively increased, whilst at the same time the size of various computing devices has decreased considerably. This led to the development of personal or desk top computers of relatively small size. Such computing devices have become even more compact and powerful, leading to the development of so-called laptop computers. Such a laptop computer has dimensions typically comparable to a conventional businessman's brief case, and as such can be readily transported by a user and taken wherever the user wishes.
Now, when computing devices were of a relatively large or fixed sized, security was relatively easily controlled. At a basic level, one could simply use long established security techniques, such as locked doors etc., to control actual physical access to the computer. Now that smaller and more portable computing devices are available, security becomes a much greater and entirely different problem. In the case of laptop and other portable computers which can be carried around, an administrator has a problem of simply not knowing where a computing device is at any one time. It is also possible that a laptop computer could simply be lost or simply left in a public place, e.g. on public transit.
Bearing in mind that laptop computers are frequently used for storing and processing sensitive data, for example tax information, investigative data collected by police and other authorities, it is extremely important to ensure that the data is maintained secure, even if the laptop computer is accidentally lost or mislaid.
This problem has been recognized, but current attempts at providing any degree of security have been crude and ineffectual for a variety of reasons.
It is known to provide a simple password control for access to certain files. This suffers from the fundamental disadvantage that the files themselves are still perfectly readable, i.e. they are not encrypted in any way. Accordingly, whilst any ordinary user, who is not supposed to have access, would be stopped by the password control, a skilled computer professional could in many cases gain access to the files.
It has been known to provide for encryption of data by means of a software program. This has a number of disadvantages. Firstly, such an encryption technique is relatively slow. Secondly, it relies on the fact that the user will, in fact, encrypt the necessary data. There are many situations, where an administrator or supervisor needs to be confident that, for all the laptops for which they are responsible, the appropriate degree of security is in fact being provided. In other words, there should be no mechanism by which an individual user can subvert or avoid using the required level of security.
Another mode of controlling access to individual computing devices is by means of an IC card. An IC card is a card, somewhat similar physically to a conventional credit card, but including a microprocessor and memory, to give it some data processing capabilities. Known techniques rely upon provision of an external IC card reader connected to the laptop. By itself, this again provides for no data encryption, and as the IC reader is separate from the computing device, it is possible for a knowledgable person to detach the card reader and gain access to the files. Further, the provision of a separate IC card reader is physically highly inconvenient, particularly for a portable or laptop computer.
Accordingly, what is desired is a system or modification to a laptop computer, which provides a high degree of security, to prevent unauthorized access to one or both of data and application files. The system should be such as to ensure that a minimum level of encryption is provided to all the files, which cannot be overridden by a user. Further, it is desirable that such a system should provide different levels of access, so that there is one level enabling all the files to be changed, and at least one further level which provides more restricted access.
Preferably, the system is such that it is wholly integrated into a laptop or other computing device, such that the portability of the device is not impaired. Further, the integration should be such as to render it virtually impossible to remove the security elements or module incorporated into the device, without detailed knowledge of the whole device.